RustCrypto / hashes

Collection of cryptographic hash functions written in pure Rust

Access internal state #371

Closed sinui0 closed 2 years ago

sinui0 commented 2 years ago

Our project has a use-case which involves compressing some blocks with SHA2 using 2-party computation and then having one of the parties take the internal state and finish the hash privately. I saw another issue looking for access to internal state, albeit for a different use.

Is there any chance of getting a feature for both constructing a hasher instance from existing state, as well as exporting internal state to be used elsewhere?

Something like this would be helpful

```rust
// Proposed API sketch: neither `Sha256::from_state` nor `Sha256::state`
// exists in the sha2 crate at the time of this issue.

// import: rebuild a hasher from a previously exported chaining state
let state: [u32; 8] = [...];
let mut hasher = Sha256::from_state(state);
hasher.update(b"additional data");
let digest = hasher.finalize();

// export: hash some data, then hand the chaining state to another party
let mut hasher = Sha256::new();
hasher.update(b"secret data");
let state: [u32; 8] = hasher.state();

send(state);
```
tarcieri commented 2 years ago

As a stopgap, you can enable the compress feature and use the sha2::compress256 function directly.

The Sha256 type is a wrapper around the compression function which implements the Merkle-Damgård construction: https://github.com/RustCrypto/hashes/blob/08c995c/sha2/src/core_api.rs#L13-L69

sinui0 commented 2 years ago

Ah, I did encounter that feature but it didn't click how to use it until now. I'm not familiar with the internals of SHA2 and assumed there is additional processing required outside that compression function. Thanks!

newpavlov commented 2 years ago

I think #310 is a relevant issue here.

newpavlov commented 2 years ago

I am going to close this issue in favor of #310